diff --git a/chrome/content/zotero/xpcom/attachments.js b/chrome/content/zotero/xpcom/attachments.js
index a6d44c4d4..f58983883 100644
--- a/chrome/content/zotero/xpcom/attachments.js
+++ b/chrome/content/zotero/xpcom/attachments.js
@@ -174,6 +174,13 @@ Zotero.Attachments = new function(){
 	function importFromURL(url, sourceItemID, forceTitle, forceFileBaseName, parentCollectionIDs){
 		Zotero.debug('Importing attachment from URL');
 		
+		// Throw error on invalid URLs
+		urlRe = /^https?:\/\/[^\s]*$/;
+		var matches = urlRe.exec(url);
+		if (!matches) {
+			throw ("Invalid URL '" + url + "' in Zotero.Attachments.importFromURL()");
+		}
+		
 		Zotero.Utilities.HTTP.doHead(url, function(obj){
 			var mimeType = obj.channel.contentType;
 			
@@ -343,6 +350,13 @@ Zotero.Attachments = new function(){
 	function linkFromURL(url, sourceItemID, mimeType, title){
 		Zotero.debug('Linking attachment from URL');
 		
+		// Throw error on invalid URLs
+		urlRe = /^https?:\/\/[^\s]*$/;
+		var matches = urlRe.exec(url);
+		if (!matches) {
+			throw ("Invalid URL '" + url + "' in Zotero.Attachments.linkFromURL()");
+		}
+		
 		// If no title provided, figure it out from the URL
 		if (!title){
 			title = url.substring(url.lastIndexOf('/')+1);